package com.project.controller;

import com.baomidou.mybatisplus.core.metadata.IPage;
import com.project.bean.UserBean;
import com.project.service.IUserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;

import javax.servlet.http.HttpServletRequest;


@RestController
@RequestMapping("user")
@Api(tags = "用户控制器")
public class UserController {
    @Autowired
    private IUserService userService;
    @RequestMapping("login")
    @ApiOperation("用户登陆")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "username",value = "用户名",required = true),
            @ApiImplicitParam(name = "password",value = "密码",required = true)
    })
    public UserBean login(String username, String password, HttpServletRequest req){
        Subject subject = SecurityUtils.getSubject();
        try {
            //登陆验证
            subject.login(new UsernamePasswordToken(username,password));
            //得到登陆对象
            UserBean loginUser = (UserBean) subject.getPrincipal();
            req.getSession().setAttribute("loginUser",loginUser);
            return loginUser;
        } catch (Exception e) {
            return null;
        }
    }
    @ApiOperation(value = "添加用户",notes = "添加新用户，同时添加角色")
    @ApiImplicitParam(name="roleIdArr",value = "角色编号数组",required = true)
    @RequestMapping("add")
    @RequiresPermissions("user:*")
    public String add(UserBean user,Integer[] roleIdArr){
        userService.add(user,roleIdArr);
        return "ok";
    }
    @ApiOperation("按编号删除用户")
    @ApiImplicitParam(name="id",value = "编号",required = true)
    @RequestMapping("del")
    @RequiresPermissions("user:*")
    public String del(Integer id){
        userService.del(id);
        return "ok";
    }
    @ApiOperation("修改用户角色")
    @ApiImplicitParams({
            @ApiImplicitParam(name="id",value = "编号",required = true),
            @ApiImplicitParam(name = "roleIdArr",value = "角色编号数组",required = true)
    })
    @RequestMapping("updateRole")
    @RequiresPermissions("user:*")
    public String updateRole(Integer id,Integer[] roleIdArr){
        userService.updateRole(id,roleIdArr);
        return "ok";
    }
    @ApiOperation("按编号查询用户信息")
    @ApiImplicitParam(name="id",value = "编号",required = true)
    @RequestMapping("findById")
    @RequiresPermissions("user:*")
    public UserBean findById(Integer id){
       return userService.findById(id);
    }
    @RequestMapping("changePassword")
    @ApiOperation("按编号修改用户密码")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "oldPassword",value = "旧密码",required = true),
            @ApiImplicitParam(name = "newPassword",value = "新密码",required = true)
    })
    public String changePassword(String oldPassword, String newPassword ,HttpServletRequest req){
        UserBean loginUser = (UserBean)req.getSession().getAttribute("loginUser");
//        if (!loginUser.getPassword().equals(oldPassword)){
//            return "no";
//        }
//        userService.changePassword(loginUser.getId(),newPassword);
//        return "ok";
        Subject subject = SecurityUtils.getSubject();
        try {
            //旧密码验证
            subject.login(new UsernamePasswordToken(loginUser.getUsername(),oldPassword));
            userService.changePassword(loginUser.getId(),newPassword);
            return "ok";
        } catch (Exception e) {
            return "no";
        }
    }
    @ApiOperation(value = "动态分页查询用户",notes = "按页码，用户真实姓名查询用户信息")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "pageNO",value = "页码",required = true),
            @ApiImplicitParam(name = "realName",value = "真实姓名")
    })
    @RequiresPermissions("user:*")
    @RequestMapping("cutByItem")
    public IPage<UserBean> cutByItem(Integer pageNO,String realName){
        return userService.cutByItem(pageNO,realName);
    }

    @ApiIgnore
    @RequestMapping("loginError")
    public String loginError(){
        return "请先登陆";
    }
}
